71209e27c13f936100cb7a8d2ad93d4f4e42730ca42ebf9ba2aed60761e4d4e7

General

Target

71209e27c13f936100cb7a8d2ad93d4f4e42730ca42ebf9ba2aed60761e4d4e7
Size

288KB
MD5

5860a7d091956381e5d0f1d0cda435b8
SHA1

54a99e420992688a9d54b4e5297b11c1af1605d8
SHA256

71209e27c13f936100cb7a8d2ad93d4f4e42730ca42ebf9ba2aed60761e4d4e7
SHA512

ffbb2f460e8a735e2f5044a65d773d840cc3695f49723e1108d27469bdf6ec2d52744607dec27c506e688d5b8990c13fb7fa07e32124c62e380883a9534da884
SSDEEP

6144:fSk/8bo+fvBReyU3DLr7zE43vhoXhJVkrU6jx1Wt53fp7GV31Gzrr/g0uI23oMsh:fSk/8b9fv1U3TAlGWt9fps4

Score

N/A

Malware Config

Signatures

Files

71209e27c13f936100cb7a8d2ad93d4f4e42730ca42ebf9ba2aed60761e4d4e7
.exe windows x86

3430482429933ed9b78c1787ca750cb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeBugCheckEx
KeTickCount
_allshl
RtlAppendUnicodeToString
RtlEqualUnicodeString
READ_REGISTER_ULONG
RtlCompareMemory
KeQuerySystemTime
IoWMIWriteEvent
ExfInterlockedInsertHeadList
ZwCreateFile
ZwDeviceIoControlFile
ZwClose
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
ExInterlockedAddLargeInteger
KeEnterCriticalRegion
KeLeaveCriticalRegion
_aulldiv
_allmul
KeQueryInterruptTime
MmMapLockedPages
_alldiv
_allshr
RtlInitUnicodeString
RtlCompareUnicodeString
ExSetTimerResolution
KeQueryTimeIncrement
RtlCopyUnicodeString
RtlQueryRegistryValues
DbgPrint

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.PAGE1
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3430482429933ed9b78c1787ca750cb7

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 16KB

INIT Size: 1024B - Virtual size: 1024B

.reloc Size: 256B - Virtual size: 226B

.PAGE1 Size: 256B - Virtual size: 256B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 16KB

INIT
Size: 1024B - Virtual size: 1024B

.reloc
Size: 256B - Virtual size: 226B

.PAGE1
Size: 256B - Virtual size: 256B